Important information about Intel Side Channel Vulnerability L1TF

As you may have read elsewhere in the media, Intel recently published details of a new side-channel attack called L1 terminal fault (L1TF). The L1TF issue only affects hardware capable of simultaneous multithreading (SMT) and which has the SMT feature enabled.

We have been aware of the L1TF issue since it was announced, and have been working with Intel, our hardware vendors, and other cloud providers to better understand the impact of the issue and to mitigate the risk to customers.

A small portion of VC1 instances, about 10%, are running on servers with SMT capable processors. We are taking steps to mitigate the L1TF issue through a combination of firmware updates, kernel updates, and tuning of the L1 cache eviction policy.

We will be informing customers with affected VC1 instances in advance of any maintenance required to implement L1TF mitigations.

All customers with Pro X64 instances are running on hardware impacted by the L1TF issue. We are working with our hardware vendors to implement the microcode fixes and will inform customers of maintenance required to finish implementing the L1TF mitigations.

To summarize the impact of L1TF to our customers:

C1 and ARM64 offers are unaffected by the L1TF issue as they do not use Intel processors

C2 and START offers are not affected as their processors do not support SMT